Description
Azure DevOps Server Remote Code Execution Vulnerability
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Azure DevOps Server 2019.0.1 | affected |
|
||||||
| Microsoft | Azure DevOps Server 2022.0.1 | affected |
|
||||||
| Microsoft | Azure DevOps Server 2020.1.2 | affected |
|
||||||
| Microsoft | Azure DevOps Server | affected |
|
||||||
| Microsoft | Azure DevOps Server 2020.0.2 | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2023-41980 | Azure DevOps Server Remote Code Execution Vulnerability |
References
History
Wed, 01 Jan 2025 02:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:o:microsoft:azure_devops_server:2020.0.2:-:*:*:*:*:*:* cpe:2.3:o:microsoft:azure_devops_server:2020:-:*:*:*:*:*:* cpe:2.3:o:microsoft:azure_devops_server:2022.0.1:-:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: microsoft
Published:
Updated: 2025-10-30T18:18:06.568Z
Reserved: 2023-07-12T23:41:45.861Z
Link: CVE-2023-38155
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-09-12T17:15:19.527
Modified: 2024-11-21T08:12:58.437
Link: CVE-2023-38155
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses